CVEDB API

Vulnerabilities

Vulnerable Software

Paid To Read Script Project: Security Vulnerabilities

CVE-2017-17776

Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.

CVSS Score

5.3

EPSS Score

0.002

Published

2017-12-20

CVE-2017-17777

Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.

CVSS Score

9.8

EPSS Score

0.008

Published

2017-12-20

CVE-2017-17778

Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter.

CVSS Score

4.8

EPSS Score

0.002

Published

2017-12-20

CVE-2017-17779

Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.

CVSS Score

9.8

EPSS Score

0.003

Published

2017-12-20

CVE-2017-17651

Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.

CVSS Score

9.8

EPSS Score

0.025

Published

2017-12-18

Page 1

Vulnerabilities

Vulnerable Software

Paid To Read Script Project: Security Vulnerabilities

Products

Pricing

Contact Us